package com.vxdata.framework.config;

import com.vxdata.common.filter.RefererFilter;
import com.vxdata.common.filter.RepeatableFilter;
import com.vxdata.common.filter.XssFilter;
import com.vxdata.common.utils.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.DispatcherType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

/**
 * Filter配置
 *
 * @author ruoyi
 */
@Configuration
public class FilterConfig {
    // 防止XSS攻击
    @Value("${xss.enabled}")
    private String enabled;
    @Value("${xss.excludes}")
    private String excludes;
    @Value("${xss.urlPatterns}")
    private String urlPatterns;

    // 域名校验
    @Value("${security.csrf.enable}")
    private boolean csrfEnable;
    @Value("${security.csrf.refererPrefix}")
    private String refererPrefix;
    @Value("${security.csrf.excludes}")
    private String csrfExcludes;


    @SuppressWarnings({"rawtypes", "unchecked"})
    @Bean
    public FilterRegistrationBean xssFilterRegistration() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setDispatcherTypes(DispatcherType.REQUEST);
        registration.setFilter(new XssFilter());
        registration.addUrlPatterns(StringUtils.split(urlPatterns, ","));
        registration.setName("xssFilter");
        registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE);
        Map<String, String> initParameters = new HashMap<String, String>();
        initParameters.put("excludes", excludes);
        initParameters.put("enabled", enabled);
        registration.setInitParameters(initParameters);
        return registration;
    }

    @SuppressWarnings({"rawtypes", "unchecked"})
    @Bean
    public FilterRegistrationBean someFilterRegistration() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new RepeatableFilter());
        registration.addUrlPatterns("/*");
        registration.setName("repeatableFilter");
        registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE);
        return registration;
    }

    /**
     * 域名校验过滤
     * 将 RefererFilter 注册到bean中
     *
     * @return
     */
    @SuppressWarnings({"rawtypes", "unchecked"}) // 取消关于未检查转换的警告，确保代码不因类型检查问题而发出警告
    @Bean // 声明该方法返回一个 Spring Bean，Spring 会自动注册该 Bean
    public FilterRegistrationBean refererFilterRegistration() {
        FilterRegistrationBean registration = new FilterRegistrationBean(); // 创建 FilterRegistrationBean 实例，用于注册过滤器
        // 创建 RefererFilter 实例，传入 refererPrefix、csrfEnable 和排除的 CSRF URL 列表
        registration.setFilter(new RefererFilter(csrfEnable, refererPrefix, Arrays.asList(csrfExcludes.split(","))));
        registration.addUrlPatterns("/*"); // 设置过滤器的 URL 模式为所有请求，意味着所有路径的请求都会被该过滤器拦截
        registration.setName("refererFilter"); // 设置过滤器的名称为 "refererFilter"，用于标识该过滤器
        registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE); // 设置过滤器的执行顺序为最低优先级，意味着它会在其他优先级更高的过滤器之后执行
        return registration; // 返回注册的 FilterRegistrationBean 实例，供 Spring 管理和使用
    }


}
